<?php
require_once "session.php";
require_once "xml.php";
require_once "json.php";
class NewBudget_User{
	private $xmldb;
	public function __construct(){
		$this->xmldb=new NewBudget_XmlDb("../db/user.xml");
	}
	
	public function authentication($args){
		$this->selectUser("user[@username='".$args["username"]."' and @passwd='".md5($args["passwd"])."']");
	}
	
	public function getUserDetail($args){
		if(-1==$args["userid"])
			$this->visitorLogin();
		else
			$this->selectUser("user[@userid=".$args["userid"]."]");
	}
	
	private function selectUser($xps){
		$re=$this->xmldb->xselect($xps);
		if(1==$re->length){
			NewBudget_Session::set("userrole",$re->item(0)->getAttribute("role"));
			$result=array("result"=>1,
							"userid"=>$re->item(0)->getAttribute("userid"),
							"name"=>$re->item(0)->getAttribute("name"),
							"role"=>$re->item(0)->getAttribute("role"),
							"menu"=>$this->getMenuItem());
			NewBudget_Session::set("username",$result["name"]);
			NewBudget_Session::set("userid",$result["userid"]);
		}
		else
			$result=array("result"=>0,"reason"=>"用户名或密码错误，请核对后再试。");
		echo NewBudget_Json::encode($result);
	}
	public function getUserList(){
		$user=$this->xmldb->xselect("user");
		$l=$user->length;
		$result=Array();
		for($i=0;$i<$l;$i++){
			Array_push($result,Array("userid"=>$user->item($i)->getAttribute("userid"),"name"=>$user->item($i)->getAttribute("name"),"username"=>$user->item($i)->getAttribute("username"),"role"=>$user->item($i)->getAttribute("role")));
		}
		echo NewBudget_Json::encode($result);
	}
	private function addUser($datas){
		$username=$datas["username"];
		$pNode=$this->xmldb->xselect("/users")->item(0);
		$nNode=$this->xmldb->doc->createElement("user");
		if($this->xmldb->xselect("user[@username='$username']")->length>0)	return showesg("有相同用户名存在");//已经有同名用户存在
		$users=$this->xmldb->xselect("user");
		$userId=(int)$users->item($users->length-1)->getAttribute("userid")+1;
		$nNode->setAttribute("userid",$userId);
		$this->setUserAttr($nNode,$datas);
		$pNode->appendChild($nNode);
		$this->xmldb->saveDoc();
		return Array("result"=>1);
	}
	public function editUser($args){
		$userid=$args["userid"];
		if(0==$userid)	return	$this->addUser($args["data"]);
		$this->setUserAttr($this->xmldb->xselect("user[@userid='$userid']")->item(0),$args["data"]);
		$this->xmldb->saveDoc();
		return Array("result"=>1);
	}
	private function setUserAttr($node,$datas){
		//echo NewBudget_Json::encode($datas);
		foreach($datas as $key=>$value){
			if("passwd"==$key)	$value=md5($value);
			if("repwd"==$key)	continue;
			$node->setAttribute($key,$value);
		}
	}
	public function modifypwd($args){
		$userid=$args["userid"];
		$newpwd=md5($args["newpwd"]);
		$oldpwd=md5($args["oldpwd"]);
		$node=$this->xmldb->xselect("user[@userid='$userid']")->item(0);
		if($oldpwd!=$node->getAttribute("passwd"))	return showesg("当前密码输入不正确");
		$node->setAttribute("passwd",$newpwd);
		$this->xmldb->saveDoc();
		return Array("result"=>1);
	}
	public function visitorLogin(){
		NewBudget_Session::set("userrole","guest");
		$result=array("result"=>1,
						"userid"=>0,
						"name"=>'游客',
						"role"=>'guest',
						"menu"=>$this->getMenuItem());
		NewBudget_Session::set("username",'游客');
		NewBudget_Session::set("userid",-1);//-1就表示游客
		echo NewBudget_Json::encode($result);
	}
	private function getMenuItem(){
		if(isAdmin())	return Array(Array("css"=>"newfile","func"=>"newFile","menuName"=>"新建概算"),
			Array("css"=>"openfile","func"=>"getList","menuName"=>"打开概算"),
			Array("css"=>"managetree","func"=>"manageQuota","menuName"=>"定额管理"),
			Array("css"=>"manageuser","func"=>"manageUser","menuName"=>"用户管理"),
			Array("css"=>"template","func"=>"manageTemplate","menuName"=>"模板管理"),
			Array("css"=>"modifypwd","func"=>"modifypwd","menuName"=>"修改口令"),
			Array("css"=>"help","func"=>"help","menuName"=>"帮助"),
			Array("css"=>"about","func"=>"about","menuName"=>"关于"),
			Array("css"=>"logout","func"=>"logout","menuName"=>"退出系统"));
		if(isGuest())	return Array(Array("css"=>"openfile","func"=>"getList","menuName"=>"打开概算"),
			Array("css"=>"managetree","func"=>"manageQuota","menuName"=>"查看定额"),
			Array("css"=>"help","func"=>"help","menuName"=>"帮助"),
			Array("css"=>"about","func"=>"about","menuName"=>"关于"));
		if(isActor())	return Array(Array("css"=>"newfile","func"=>"newFile","menuName"=>"新建概算"),
			Array("css"=>"openfile","func"=>"getList","menuName"=>"打开概算"),
			Array("css"=>"managetree","func"=>"manageQuota","menuName"=>"查看定额"),
			Array("css"=>"modifypwd","func"=>"modifypwd","menuName"=>"修改口令"),
			Array("css"=>"help","func"=>"help","menuName"=>"帮助"),
			Array("css"=>"about","func"=>"about","menuName"=>"关于"),Array("css"=>"logout","func"=>"logout","menuName"=>"退出系统"));
		return 0;
	}
	public function logout(){
		NewBudget_Session::remove("username");
		NewBudget_Session::set("userid");
		NewBudget_Session::set("userrole");
		header("location:index.php");
	}
	public function deluser($args){
		$node=$this->xmldb->xselect("user[@userid='".$args["userid"]."']")->item(0);
		$this->xmldb->xselect("/users")->item(0)->removeChild($node);
		$this->xmldb->saveDoc();
		echo NewBudget_Json::encode(Array("result"=>"1"));
	}
}
$jsonStr=NewBudget_Json::decode(stripslashes($_POST["json"]));
$userObj=new NewBudget_User();
switch($_POST["action"]){
	case "auth":
		$userObj->authentication($jsonStr);
		break;
	case "getUserDetail":
		$userObj->getUserDetail($jsonStr);
		break;
	case "listuser":
		if(!isAdmin())	echo NewBudget_Json::encode(showesg("你没有权限"));
		$userObj->getUserList();
		break;
	case "edituser":
		if(!isAdmin())	echo NewBudget_Json::encode(showesg("你没有权限"));
		echo NewBudget_Json::encode($userObj->editUser($jsonStr));
		break;
	case "modifypwd":
		echo NewBudget_Json::encode($userObj->modifypwd($jsonStr));
		break;
	case "logout":
		$userObj->logout();
		break;
	case "visitorLogin":
		$userObj->visitorLogin();
		break;
	case "logout":
		$userObj->logout();
		break;
	case "deluser":
		if(!isAdmin())	echo NewBudget_Json::encode(showesg("你没有权限"));
		$userObj->deluser($jsonStr);
		break;
	default:
		echo "";
		break;
}
?>